fixed interactions between webui and jsonapi in GUI

libretroshare/src/jsonapi/jsonapi.cpp

@@ -144,7 +144,7 @@ bool RsJsonAPI::parseToken(const std::string& clear_token,std::string& user,std:
 		return false;
 
 	user   = clear_token.substr(0,last_index);
-	passwd = clear_token.substr(last_index+1,(int)clear_token.size()-(int)last_index-2);
+	passwd = clear_token.substr(last_index+1,(int)clear_token.size()-(int)last_index-1);
 
 	return true;
 }

libretroshare/src/rsserver/p3webui.cc

@@ -31,6 +31,7 @@
 #include "util/rsthreads.h"
 #include "util/rsdebug.h"
 #include "retroshare/rswebui.h"
+#include "retroshare/rsjsonapi.h"
 
 #define TEXT_HTML   0
 #define TEXT_CSS    1
@@ -139,3 +140,12 @@ int p3WebUI::status() const
         return WEBUI_STATUS_NOT_RUNNING;
 }
 
+void p3WebUI::setUserPassword(const std::string& passwd)
+{
+#ifdef RS_JSONAPI
+    if(!rsJsonAPI->authorizeUser("webui",passwd))
+        std::cerr << "(EE) Cannot register webui token. Some error occurred when calling authorizeUser()" << std::endl;
+#else
+	std::cerr << "(EE) JsonAPI is not available in this buildof Retroshare! Cannot register a user password for the WebUI" << std::endl;
+#endif
+}

libretroshare/src/rsserver/p3webui.h

@@ -38,6 +38,7 @@ public:
     virtual bool stop() override { return RestbedService::stop();}
     virtual void setListeningPort(uint16_t port) override { RestbedService::setListeningPort(port) ;}
     virtual void setBindingAddress(const std::string& address) override { RestbedService::setBindAddress(address) ;}
+    virtual void setUserPassword(const std::string& passwd) override;
 
     virtual int status() const override;
     virtual std::vector<std::shared_ptr<restbed::Resource> > getResources() const override;

retroshare-gui/src/gui/settings/JsonApiPage.cc

@@ -35,14 +35,15 @@ JsonApiPage::JsonApiPage(QWidget */*parent*/, Qt::WindowFlags /*flags*/)
 	connect( ui.enableCheckBox,        SIGNAL(toggled(bool)), this, SLOT(enableJsonApi(bool)));
 	connect( ui.addTokenPushButton,    SIGNAL(clicked()), this, SLOT(addTokenClicked()));
 	connect( ui.removeTokenPushButton, SIGNAL(clicked()), this, SLOT(removeTokenClicked() ));
-	connect( ui.tokensListView,        SIGNAL(clicked()), this, SLOT(tokenClicked() ));
+	connect( ui.tokensListView,        SIGNAL(clicked(const QModelIndex&)), this, SLOT(tokenClicked(const QModelIndex&) ));
 	connect( ui.applyConfigPushButton, SIGNAL(clicked()), this, SLOT(onApplyClicked() ));
 	connect( ui.portSpinBox, 		   SIGNAL(valueChanged(int)), this, SLOT(updateParams() ));
 	connect( ui.listenAddressLineEdit, SIGNAL(textChanged(QString)), this, SLOT(updateParams() ));
+	connect( ui.tokenLineEdit, SIGNAL(textChanged(QString)), this, SLOT(checkToken(QString) ));
 
     // This limits the possible tokens to alphanumeric
 
-    QString anRange = "{[a-z]|[A-Z]|[0-9]}+";
+    QString anRange = "[a-zA-Z0-9]+";
     QRegExp anRegex ("^" + anRange + ":" + anRange + "$");
     QRegExpValidator *anValidator = new QRegExpValidator(anRegex, this);
 
@@ -152,7 +153,7 @@ bool JsonApiPage::checkStartJsonApi()
 #endif
 }
 
-void JsonApiPage::onApplyClicked(bool)
+void JsonApiPage::onApplyClicked()
 {
     // restart
 
@@ -160,7 +161,26 @@ void JsonApiPage::onApplyClicked(bool)
     checkStartJsonApi();
 }
 
-void JsonApiPage::addTokenClicked(bool)
+void JsonApiPage::checkToken(QString s)
+{
+    std::string user,passwd;
+
+    bool valid = RsJsonAPI::parseToken(s.toStdString(),user,passwd) && !user.empty() && !passwd.empty();
+    QColor color;
+
+	if(!valid)
+		color = QApplication::palette().color(QPalette::Disabled, QPalette::Base);
+	else
+		color = QApplication::palette().color(QPalette::Active, QPalette::Base);
+
+	/* unpolish widget to clear the stylesheet's palette cache */
+	//ui.searchLineFrame->style()->unpolish(ui.searchLineFrame);
+
+	QPalette palette = ui.tokenLineEdit->palette();
+	palette.setColor(ui.tokenLineEdit->backgroundRole(), color);
+	ui.tokenLineEdit->setPalette(palette);
+}
+void JsonApiPage::addTokenClicked()
 {
 	QString token(ui.tokenLineEdit->text());
     std::string user,passwd;
@@ -178,7 +198,7 @@ void JsonApiPage::addTokenClicked(bool)
 	whileBlocking(ui.tokensListView)->setModel(new QStringListModel(newTk));
 }
 
-void JsonApiPage::removeTokenClicked(bool)
+void JsonApiPage::removeTokenClicked()
 {
 	QString token(ui.tokenLineEdit->text());
 	rsJsonAPI->revokeAuthToken(token.toStdString());

retroshare-gui/src/gui/settings/JsonApiPage.h

@@ -33,7 +33,6 @@ public:
 	~JsonApiPage() {}
 
 	/** Loads the settings for this page */
-	virtual void load();
 
 	virtual QPixmap iconPixmap() const
 	{ return QPixmap(":/icons/svg/empty-circle.svg"); }
@@ -49,12 +48,15 @@ public:
 	static void checkShutdownJsonApi();
 
 public slots:
-	void onApplyClicked(bool);
-	void addTokenClicked(bool);
-	void removeTokenClicked(bool);
+	void load() override;
+
+	void onApplyClicked();
+	void addTokenClicked();
+	void removeTokenClicked();
 	void tokenClicked(const QModelIndex& index);
 	void enableJsonApi(bool checked);
 	bool updateParams();
+	void checkToken(QString);
 
 private:
 	Ui::JsonApiPage ui; /// Qt Designer generated object

retroshare-gui/src/gui/settings/JsonApiPage.ui

@@ -87,7 +87,7 @@
         <item>
          <widget class="QLineEdit" name="tokenLineEdit">
           <property name="toolTip">
-           <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;ApiUser:ApiPassword&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+           <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;Tokens should spell as &amp;quot;user:password&amp;quot; where both user and password are alphanumeric strings.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
           </property>
          </widget>
         </item>

retroshare-gui/src/gui/settings/WebuiPage.cpp

@@ -28,6 +28,7 @@
 
 #include "util/misc.h"
 #include "retroshare/rswebui.h"
+#include "retroshare/rsjsonapi.h"
 
 #include "rsharesettings.h"
 
@@ -57,10 +58,6 @@ WebuiPage::~WebuiPage()
 
 }
 
-void WebuiPage::onPasswordValueChanged(QString password)
-{
-    std::cerr << "Setting new password to \"" << password.toStdString() << "\"" << std::endl;
-}
 void WebuiPage::selectWebInterfaceDirectory()
 {
     QString dirname = QFileDialog::getExistingDirectory(NULL,tr("Please select the directory were to find retroshare webinterface files"),ui.webInterfaceFiles_LE->text());
@@ -96,6 +93,25 @@ bool WebuiPage::updateParams(QString &errmsg)
     return ok;
 }
 
+void WebuiPage::onPasswordValueChanged(QString password)
+{
+    QColor color;
+
+    bool valid = password.length() >= 1;
+
+	if(!valid)
+		color = QApplication::palette().color(QPalette::Disabled, QPalette::Base);
+	else
+		color = QApplication::palette().color(QPalette::Active, QPalette::Base);
+
+	/* unpolish widget to clear the stylesheet's palette cache */
+	//ui.searchLineFrame->style()->unpolish(ui.searchLineFrame);
+
+	QPalette palette = ui.password_LE->palette();
+	palette.setColor(ui.password_LE->backgroundRole(), color);
+	ui.password_LE->setPalette(palette);
+}
+
 bool WebuiPage::restart()
 {
 	// apply config
@@ -110,6 +126,14 @@ void WebuiPage::load()
 	whileBlocking(ui.port_SB)->setValue(Settings->getWebinterfacePort());
 	whileBlocking(ui.webInterfaceFiles_LE)->setText(Settings->getWebinterfaceFilesDirectory());
 	whileBlocking(ui.allIp_CB)->setChecked(Settings->getWebinterfaceAllowAllIps());
+
+#ifdef RS_JSONAPI
+    auto smap = rsJsonAPI->getAuthorizedTokens();
+    auto it = smap.find("webui");
+
+    if(it != smap.end())
+		whileBlocking(ui.password_LE)->setText(QString::fromStdString(it->second));
+#endif
 }
 
 
@@ -180,11 +204,15 @@ void WebuiPage::onApplyClicked()
 {
     QString errmsg;
 
+    rsWebUI->setUserPassword(ui.password_LE->text().toStdString());
+
     if(!restart())
     {
         QMessageBox::warning(0, tr("failed to start Webinterface"), "Failed to start the webinterface.");
         return;
     }
+
+    emit passwordChanged();
 }
 
 void WebuiPage::onStartWebBrowserClicked()

retroshare-gui/src/gui/settings/WebuiPage.h

@@ -66,6 +66,9 @@ public slots:
   void onApplyClicked();
   void onStartWebBrowserClicked();
 
+signals:
+  void passwordChanged();
+
 private:
   /** Qt Designer generated object */
   Ui::WebuiPage ui;

retroshare-gui/src/gui/settings/rsettingswin.cpp

@@ -164,12 +164,15 @@ SettingsPage::initStackedWidget()
     addPage(new AppearancePage()); // APPEARENCE
     addPage(new SoundPage() ); // SOUND
     addPage(new ServicePermissionsPage() ); // PERMISSIONS
-#ifdef RS_WEBUI
-    addPage(new WebuiPage() );
-#endif
-
 #ifdef RS_JSONAPI
+    JsonApiPage *jsonapi_p = new JsonApiPage() ;
 	addPage(new JsonApiPage());
+#ifdef RS_WEBUI
+    WebuiPage *webui_p = new WebuiPage() ;
+    addPage(new WebuiPage() );
+
+    QObject::connect(webui_p,SIGNAL(passwordChanged()),jsonapi_p,SLOT(load()));
+#endif
 #endif
 
 	 // add widgets from plugins

retroshare-gui/src/main.cpp

@@ -572,14 +572,14 @@ feenableexcept(FE_INVALID | FE_DIVBYZERO);
 
 	notify->enable() ;	// enable notification system after GUI creation, to avoid data races in Qt.
 
-#ifdef RS_WEBUI
-    WebuiPage::checkStartWebui();	// normally we should rather save the UI flags internally to p3webui
-#endif
-
 #ifdef RS_JSONAPI
 	JsonApiPage::checkStartJsonApi();
 #endif // RS_JSONAPI
 
+#ifdef RS_WEBUI
+    WebuiPage::checkStartWebui();	// normally we should rather save the UI flags internally to p3webui
+#endif
+
 	// This is done using a timer, because the passphrase request from notify is asynchrouneous and therefore clearing the
 	// passphrase here makes it request for a passphrase when creating the default chat identity.
 
@@ -589,14 +589,14 @@ feenableexcept(FE_INVALID | FE_DIVBYZERO);
 	int ti = rshare.exec();
 	delete w ;
 
-#ifdef RS_JSONAPI
-	JsonApiPage::checkShutdownJsonApi();
-#endif // RS_JSONAPI
-
 #ifdef RS_WEBUI
 	WebuiPage::checkShutdownWebui();
 #endif
 
+#ifdef RS_JSONAPI
+	JsonApiPage::checkShutdownJsonApi();
+#endif // RS_JSONAPI
+
 	/* cleanup */
 	ChatDialog::cleanupChat();
 #ifdef RS_ENABLE_GXS